The GDPR (General Data Protection Regulation) is a European data privacy regulation that will become enforceable on May 25th, 2018. The GDPR replaces the 1995 Data Protection Directive. One of the notable changes brought by this new regulation is that it applies to companies that market their products to EU citizens even if the company is not based in the EU. You can learn more about the GDPR here.

Vanilla has prior experience with data regulation, we are a Canadian company and operate under Canada’s Personal Information Protection and Electronic Documents Act. We have also worked with our EU-based customers and US-based vendors to put in place data processing agreements to ensure compliance with EU regulations.

Vanilla’s staff has undergone training on handling data and we have put internal procedures in place to handle requests coming from both our customers and from individuals. Here are some ways that Vanilla can help you with compliance efforts:

  • Provide you with details on the data stored in our application
  • Provide you with a list of Vanilla vendors (sub-processors) that might receive data, if applicable
  • Fulfill requests from individuals such as ‘the right to be forgotten’ or ‘data portability’

For assistance with GDPR or any data regulation issues, please contact your Customer Success manager or [email protected].